Hello welcome back, Today I will show you how to generate wordlists in Crunch using Kali Linux. If you are using a different Operating System or you do not have crunch installed please download it now.
Crunch comes pre-installed in Kali Linux in this tutorial we will be using Kali Linux 2017.2
In many of our password and cracking disciplines, we often need to use a wordlist that will essentially attempt thousands of potential passwords per second. This is often referred to as a dictionary attack, even though we need not rely solely on dictionary words. These wordlists may have any combination of characters and words in an attempt to crack a complex password offline.
The basic syntax for crunch looks like this:
kali > crunch <min> max<max> <characterset> -t <pattern> -o <output filename>
Lets go over what’s included in the syntax listed above.
min = The minimum password length. max = The maximum password length. characterset = The character set to be used in generating the passwords. -t <pattern> = The specified pattern of the generated passwords. For instance, if you knew that the target's birthday was 0728 (July 28th) and you suspected they used their birthday in their password (people often do), you could generate a password list that ended with 0728 by giving crunch the pattern @@@@@@@0728. This word generate passwords up to 11 characters (7 variable and 4 fixed) long that all ended with 0728. -o <outputfile> = This is the file you want your wordlist written to we can also do this will strings and or a mixture.
man crunch will let your view Crunch Manual pages.
1) Start Crunch
2) Choose what options you would like as different options give different wordlist variations heres a few examples.
# crunch 4 8 HackingVision12345 -o numbersletters.txt
crunch 4 8 (Where the first number (4) is the shortest word length and the second (8) is the longest word length.
# crunch 6 8 1234567890 -o /root/numericwordlist.lst
This command will generate a wordlist in Crunch using only numerical digits. where (6) is the shorted length of password (8) represents the largest length of the passwords to be generated by Crunch.
# crunch 10 10 -t @@@@@@0728 -o /root/birthdaywordlist.lst
The command above will generate a wordlist with all possible birthday patterns in numeric.
The @ sign is used to represent a wildcard of all possibilities, while the literals “0728” represent the fixed values.
Now lets say we know that our target is using an eight character password with only alphabetic characters, we could generate a list of all the possibe passwords in crunch with the following command:
#crunch 8 8 -f /usr/share/rainbowcrack/charset.txt mixalpha -o /root/alphawordlist.lst
3) Go to output folder where the generated wordlists are stored.
4) Congrats you have now generated a wordlist in Crunch. Thanks for supporting HackingVision.
- Top 10 Phishing Tools - 10th April 2020
- Distributed Hash Cracking Hashcat Hashtopolis Tutorial - 30th March 2020
- Cracking Password Hashes with Hashcat Rule-based attack - 27th March 2020